Casey Smith (@subTee) is a Researcher with the Veris Group Adaptive Threat Division. His interests include testing and understanding defensive systems..
All Sessions by Casey Smith
April 26, 2017
Windows Operating System Archaeology
10:15 - 11:00
The modern Windows Operating System carries with it an incredible amount of legacy code. The Component Object Model (COM) has left a lasting impact on Windows. This technology is far from dead as it continues to be the foundation for many aspects of the Windows Operating System. You can find hundreds of COM Classes defined by CLSID (COM Class Identifiers). Do you know what they do? This talk seeks to expose tactics long forgotten by the modern defender. We seek to bring to light artifacts in the Windows OS that can be used for persistence, and lateral movement and privilege escalation.
Operating System Security
OPCDE is founded, curated and organized by Comae Technologies. Comae Technologies is a cybersecurity start-up founded by Matt Suiche.